(Mar 2, 2015)
The White House released what it’s calling a “discussion draft” of its Consumer Privacy Bill of Rights (CPBR) late Friday. The bill aims to “establish baseline protections for individual privacy in the commercial arena and to foster timely, flexible implementations of these protections through enforceable codes of conduct developed by diverse stakeholders.” We round up the various reactions.
Read More

(Feb 27, 2015)
President Obama’s recent proposal of a National Data Breach Notification Standard (or The Personal Data Notification & Protection Act) has received widespread attention for its promise to preempt and unify the existing patchwork of state-level requirements. IAPP Westin Research Fellow Patricia Bailin analyzes the proposed bill and how it would impact state, city and territorial laws.
Read More

(Feb 27, 2015)
On Wednesday, the Digital Advertising Alliance announced an extension of its AdChoices program beyond the desktop. AppChoices, an app consumers can download (with an attendant web page), allows consumers to manage ad preferences one step further, offering the ability to opt out of targeted ads served through apps on mobile devices.
For example, consumers can choose not to allow advertisers to target them based on their location.
Now, why would a company like xAd, whose very business model invo...
Read More

(Feb 24, 2015)
First Data began its effort to win approval for its binding corporate rules (BCRs) in 2007. This month, the UK Information Commissioner's Office (ICO) officially recognized the multinational payment solutions company's BCRs for data processors. Now able to boast it's been approved for both processors and controllers, it's also the first company to have done so under the purview of the ICO.
Read More

(Feb 24, 2015)
In the first of a three-part series on the people, process and technology impacts of Europe’s forthcoming General Data Protection Regulation, Steve Kenny looks at people and a rationale for evolving risk management philosophy.
Read More

(Feb 24, 2015)
The third edition of Privacy Law Fundamentals (PLF) is being released at the Global Privacy Summit. PLF 2015 incorporates developments in privacy law, an introductory chapter summarizing key new laws, cases and enforcement actions and answers to FAQs. Authors Dan Solove and Paul Schwartz talk about the book and its latest edition in this Q&A.
Read More

(Feb 24, 2015)
The African Forum of Computer Incident Response Teams (AfricaCERT) and the STOP. THINK. CONNECT Messaging Convention joined together this month to help promote online safety awareness to the African economies represented by AfricaCERT's membership. One of the main facets of this campaign was to promote cybersecurity awareness at the individual user level.
Since its inception in 2009, the convention's slogan and message has been adopted by dozens of international corporations, government organizations such as the U.S. Department of Homeland Security and countries including Uruguay and Jamaica. The STOP. THINK. CONNECT. campaign seeks to aid individuals in staying safe online, and it is the first such campaign the convention has entered into with a multilateral trade association in Africa.
Read More

(Feb 24, 2015)
In the second installment in this series looking at monitoring programs across industries, including the privacy consultant, healthcare, IT, finance, government and telecom, Deidre Rodriguez, CIPP/US, talks with with Danette Slevinski, vice president and corporate responsibility officer for Bon Secours Charity Health System, where she administers the corporate responsibility and Health Insurance Portability and Accountability Act (HIPAA) privacy program. "taff come and go. Laws change. Electronic systems and software are updated. By having a monitoring program that you update regularly, at whatever interval works for your organization, you can ensure that internal and external changes do not result in noncompliance," Slevinski says.
Read More

(Feb 24, 2015)
In the sixth chapter of this ongoing series, K Royal, CIPP/US, CIPP/E, writes about what might be the largest hurdle in a successful vendor management program: the contracting piece. "In this chapter, we will consider the actual contracting process, no matter the service that is being provided," she writes. "This is the point where you have already established your thresholds and the contract has reached your desk, either legal or privacy. This is applicable no matter the staffing model for how your privacy office works with the legal office."
Read More

The IAPP is the largest and most comprehensive global information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally.Learn more

The IAPP is the only place you’ll find a comprehensive body of resources, knowledge and experts to help you navigate the complex landscape of today’s data-driven world. We offer individual, corporate and group memberships, and all members have access to an extensive array of benefits.